bump zkdcap to v0.0.1

bluele · bluele · commit 2ef90f27e7f5 · 2025-03-03T10:57:26.000+09:00
Signed-off-by: Jun Kimura &lt;jun.kimura@datachain.jp&gt;
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/app/Cargo.toml b/app/Cargo.toml
@@ -27,7 +27,7 @@ crypto = { path = "../modules/crypto" }
 keymanager = { path = "../modules/keymanager" }
 remote-attestation = { path = "../modules/remote-attestation" }
 attestation-report = { path = "../modules/attestation-report", features = ["dcap-quote-parser"] }
-zkdcap-risc0 = { git = "https://github.com/datachainlab/zkdcap", rev = "9616d7976a84e97a128fa02175ec994b95e3c137" }
+zkdcap-risc0 = { git = "https://github.com/datachainlab/zkdcap", rev = "v0.0.1" }
 
 [build-dependencies]
 git2 = { version = "0.20", default-features = false }
diff --git a/modules/attestation-report/Cargo.toml b/modules/attestation-report/Cargo.toml
@@ -18,7 +18,7 @@ pem = { version = "2.0", default-features = false }
 webpki = { version = "0.22", features = ["alloc"] }
 anyhow = { version = "1", default-features = false }
 
-dcap-quote-verifier = { git = "https://github.com/datachainlab/zkdcap", rev = "9616d7976a84e97a128fa02175ec994b95e3c137", optional = true }
+dcap-quote-verifier = { git = "https://github.com/datachainlab/zkdcap", rev = "v0.0.1", optional = true }
 
 [dev-dependencies]
 tokio = { version = "1.0", default-features = false, features = ["macros"] }
diff --git a/modules/lcp-client/Cargo.toml b/modules/lcp-client/Cargo.toml
@@ -11,7 +11,7 @@ flex-error = { version = "0.4.4", default-features = false }
 tiny-keccak = { version = "2.0" }
 hex-literal = { version = "0.4.1" }
 alloy-sol-types = { version = "0.8", default-features = false }
-dcap-quote-verifier = { git = "https://github.com/datachainlab/zkdcap", rev = "9616d7976a84e97a128fa02175ec994b95e3c137" }
+dcap-quote-verifier = { git = "https://github.com/datachainlab/zkdcap", rev = "v0.0.1" }
 
 attestation-report = { path = "../attestation-report", default-features = false }
 remote-attestation = { path = "../remote-attestation", default-features = false }
diff --git a/modules/lcp-client/src/client_def.rs b/modules/lcp-client/src/client_def.rs
@@ -296,11 +296,11 @@ impl LCPClient {
             ctx.store_any_client_state(client_id.clone(), client_state.clone().into())?;
         }
 
+        let host_timestamp = ctx.host_timestamp().as_unix_timestamp_secs();
         assert!(
-            output
-                .validity
-                .validate_time(ctx.host_timestamp().as_unix_timestamp_secs()),
-            "invalid validity intersection"
+            output.validity.not_before <= host_timestamp
+                && host_timestamp <= output.validity.not_after,
+            "output validity check failed"
         );
 
         assert!(
@@ -334,11 +334,11 @@ impl LCPClient {
         assert!(expected_operator.is_zero() || operator == expected_operator);
 
         let expired_at = if client_state.key_expiration.is_zero() {
-            output.validity.not_after_min
+            output.validity.not_after
         } else {
             core::cmp::min(
-                output.validity.not_before_max + client_state.key_expiration.as_secs(),
-                output.validity.not_after_min,
+                output.validity.not_before + client_state.key_expiration.as_secs(),
+                output.validity.not_after,
             )
         };
         self.set_enclave_operator_info(
diff --git a/modules/remote-attestation/Cargo.toml b/modules/remote-attestation/Cargo.toml
@@ -27,9 +27,9 @@ serde_json = { version = "1.0", features = ["preserve_order"] }
 rsa = { version = "0.9.2", features = ["pem"], optional = true }
 chrono = { version = "0.4.38", features = ["now"], optional = true }
 
-dcap-quote-verifier = { git = "https://github.com/datachainlab/zkdcap", rev = "9616d7976a84e97a128fa02175ec994b95e3c137" }
-dcap-pcs = { git = "https://github.com/datachainlab/zkdcap", rev = "9616d7976a84e97a128fa02175ec994b95e3c137" }
-dcap-collaterals = { git = "https://github.com/datachainlab/zkdcap", rev = "9616d7976a84e97a128fa02175ec994b95e3c137" }
+dcap-quote-verifier = { git = "https://github.com/datachainlab/zkdcap", rev = "v0.0.1" }
+dcap-pcs = { git = "https://github.com/datachainlab/zkdcap", rev = "v0.0.1" }
+dcap-collaterals = { git = "https://github.com/datachainlab/zkdcap", rev = "v0.0.1" }
 
 lcp-types = { path = "../types" }
 crypto = { path = "../crypto", default-features = false }
diff --git a/modules/remote-attestation/src/dcap.rs b/modules/remote-attestation/src/dcap.rs
@@ -63,7 +63,7 @@ pub(crate) fn dcap_ra(
     let (quote, _) = QuoteV3::from_bytes(&raw_quote).map_err(Error::dcap_quote_verifier)?;
 
     let collateral = pcs_client
-        .get_collateral(&quote.signature.qe_cert_data)
+        .get_collateral(true, &quote.signature.qe_cert_data)
         .map_err(|e| Error::anyhow(anyhow!("cannot get collateral data: {}", e)))?;
     let output = verify_quote_v3(&quote, &collateral, current_time.as_unix_timestamp_secs())
         .map_err(Error::dcap_quote_verifier)?;
@@ -119,7 +119,7 @@ mod tests {
             false,
         );
         let collateral = pcs_client
-            .get_collateral(&quote.signature.qe_cert_data)
+            .get_collateral(true, &quote.signature.qe_cert_data)
             .unwrap();
         let res = verify_quote_v3(&quote, &collateral, Time::now().as_unix_timestamp_secs());
         assert!(res.is_ok(), "{:?}", res);
diff --git a/modules/remote-attestation/src/dcap_utils.rs b/modules/remote-attestation/src/dcap_utils.rs
@@ -21,8 +21,8 @@ impl DCAPRemoteAttestationResult {
             status: self.output.status.to_string(),
             advisory_ids: self.output.advisory_ids.clone(),
             validity: Validity {
-                not_before: self.output.validity.not_before_max,
-                not_after: self.output.validity.not_after_min,
+                not_before: self.output.validity.not_before,
+                not_after: self.output.validity.not_after,
             },
             attested_at,
             collateral: ProtoQvCollateral {
diff --git a/tests/integration/Cargo.toml b/tests/integration/Cargo.toml
@@ -35,7 +35,7 @@ attestation-report = { path = "../../modules/attestation-report" }
 keymanager = { path = "../../modules/keymanager" }
 remote-attestation = { path = "../../modules/remote-attestation" }
 
-zkdcap-risc0 = { git = "https://github.com/datachainlab/zkdcap", rev = "9616d7976a84e97a128fa02175ec994b95e3c137" }
+zkdcap-risc0 = { git = "https://github.com/datachainlab/zkdcap", rev = "v0.0.1" }
 
 [features]
 default = []
